CVE-2017-0399 - CVE Vulnerability

An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in the Qualcomm audio post processor could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32588756. (CVSS:4.3) (Last Update:2017-01-13)

Vulnerability Details :

An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in the Qualcomm audio post processor could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32588756. Publish Date : 2017-01-12 Last Update Date : 2017-01-13

- CVSS Scores & Vulnerability Types

CVSS Score

4.3

Confidentiality Impact

Partial(There is considerable informational disclosure.)

Integrity Impact

None(There is no impact to the integrity of the system)

Availability Impact

None(There is no impact to the availability of the system.)

Access Complexity

Medium(The access conditions are somewhat specialized. Some preconditions must be satistified to exploit)

Authentication

Not required(Authentication is not required to exploit the vulnerability.)